11.07.2015 Views

Download WAF Brochure - Cyberoam


Web Application Firewall Subscription on Cyberoam UTM appliances
Protecting Web Applications from hackers

[Cover graphic: Cyberoam UTM features: On-Appliance Reporting, Application Visibility and Control, Firewall, Web Application Firewall, Anti-Virus & Anti-Spyware, Web Filtering, Intrusion Prevention System, Bandwidth Management]

Securing You
www.cyberoam.com


Introduction

Today, organizations host critical web-based applications like CRM, ERP, inventory management, online banking and E-commerce applications, and more, that serve business information to employees, partners and customers. However, hackers are increasingly exploiting vulnerabilities present in these web applications to break into organizations’ IT networks and reach the database server where all corporate data resides. This can result in loss of business and customer data, IPR theft, downtime, and more, leading to loss of reputation, business and customers. Unfortunately, no organization today is spared from web-application attacks, including governments, banks, retail, manufacturing organizations, and more.

[Figure: expensive best-of-breed WAF versus affordable Cyberoam UTM with WAF subscription]

With Cyberoam’s Web Application Firewall available as a subscription on its UTM appliances, SMBs no longer need to make a choice between the need and luxury of securing their applications using a Web Application Firewall. So far, lack of a simpler and better WAF option deferred their investment in a Web Application Firewall. In enterprises, Cyberoam WAF removes the need to spend a fortune on securing critical web applications by offering the Web Application Firewall subscription at a minimal extra cost, which comes along with a host of other security features of a Unified Threat Management. Cyberoam WAF can be easily deployed in an organization’s security infrastructure without requiring any change to existing Web applications.

Cyberoam’s Web Application Firewall

Cyberoam Web Application Firewall is available as a subscription on Cyberoam UTM appliances. It follows the positive security model based on its Intuitive Website Flow Detector to secure websites and Web-based applications against attacks like SQL injection, cross-site scripting (XSS), URL parameter tampering, session hijacking, buffer overflows, and more, including the OWASP Top 10 Web application vulnerabilities.

[Figure: Cyberoam Web Application Firewall Protection against Web-based Application Attacks. Diagram labels: Web User, Client/Partner, Hacker, Internet, “SQL Injection, cookie poisoning, XSS, ...”, Cyberoam Web Application Firewall, Web & Application Server, Database Server]

Cyberoam Web Application Firewall is deployed to intercept the traffic to and from the web servers to provide an added layer of security against attacks before they can reach the web applications. Its Intuitive Website Flow Detector intelligently “self-learns” the legitimate behavior and response of web applications. Based on the Intuitive Website Flow Detector, the Web Application Firewall ensures the sanctity of web applications in response to server requests, protecting them against web application attacks. Cyberoam Web Application Firewall looks at every request and response within the HTTP/HTTPS/Web Service layers. It is effective at repelling attacks from a wide range of commercial and open-source automated vulnerability scanners (e.g. Nessus, WebInspect), as well as hand-crafted attacks.


[Figure: request validation flow. Each request from the Internet (diagram examples: www.abcretaillogin.com over HTTP/HTTPS, img1.gif) is checked in three steps: Conforms to HTTP specification? Matches a user-defined policy? Adheres to Intuitive Website Flow Detector? Diagram labels: HTTP Protocol Specification, Intuitive Website Flow Detector, User-defined policies]

Captions from the figure:

- Request is legitimate and adheres to the Intuitive Website Flow Detector’s “self-learning” in the past, when such a request was last made to the Web server.
- The server request was not found valid under the Intuitive Website Flow Detector’s knowledge from the past – the requested URL cannot be the entry point and it is, hence, blocked from reaching the Web server and the browser receives an HTTP 403 Forbidden response code. No other information is exposed as decided under the User Defined Policy.
- The request doesn’t pass any of the 3 validation steps. Web server is thus protected from present/future URL-based HTTP attacks.

Features:

Positive protection model without Signature Tables
The Cyberoam Web Application Firewall enforces a positive security model through Intuitive Website Flow Detector to automatically identify and block all application-layer attacks without relying on signature tables or pattern-matching techniques. The Web Application Firewall considers defined Web application behavior as “good”. Any deviation is considered “bad”, or malicious, and is blocked accordingly. This provides security against zero-day attacks and eliminates the need to manually populate and update signature tables. The Intuitive Website Flow Detector automatically adapts to changes in the website.

Comprehensive business logic protection
The Cyberoam WAF protects against attacks like SQL injection, cross-site scripting (XSS), and cookie-poisoning that seek to exploit business logic behind Web applications, ensuring they are used exactly as intended.

HTTPS (SSL) encryption Offloading
Attackers cannot bypass the Cyberoam WAF protection measures through an HTTPS (SSL) connection, mostly used in the financial services, healthcare, e-commerce, and other industries that process sensitive data. The WAF not only secures encrypted connections, but also reduces latency of SSL traffic with its SSL offloading capabilities.

Instant Web server hardening
The Cyberoam WAF instantly shields any Web environment (IIS, Apache, WebSphere®, etc.) against the more than 14,000 common server mis-configurations and an ever-expanding universe of known 3rd-party software vulnerabilities.

Reverse proxy for incoming HTTP/HTTPS traffic
The Cyberoam WAF follows a reverse proxy model for all incoming HTTP and HTTPS traffic which provides an added level of security by virtualizing the application infrastructure. All incoming Web application requests from the Web client terminate at the WAF. Valid requests are submitted to the back-end Web server, hiding the existence and characteristics of originating servers.

URL, Cookie, and Form hardening
Application-defined URL query string parameters, cookies, and HTML form field values (including hidden fields, radio buttons, checkboxes, and select options) are protected by the Cyberoam WAF. Attempts to escalate user privileges through cookie-poisoning, gain access to other accounts through URL query string parameter tampering, and other types of browser data manipulation are automatically identified and blocked.

Monitoring and reporting
Cyberoam Web Application Firewall provides alerts and logs that help organizations with information on types of attacks, source of attacks, action taken on them, and more that help comply with the PCI DSS requirements.

Additional Features:

- Block/alert known bad IP addresses
- Customizable user messages for blocked requests
- Rate-based connection safeguards
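The positive-model idea behind the entry-point and URL/form hardening features above can be sketched as follows. This is an added example, not Cyberoam's code or its Intuitive Website Flow Detector algorithm: the names `FlowLearner`, `check` and `ENTRY_POINTS`, the sample page, and the simplification of "learning" to parsing one served HTML response are all assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlsplit

ENTRY_POINTS = {"/", "/login"}  # assumed user-defined policy: allowed first URLs

class FlowLearner(HTMLParser):  # learns links and form values from served HTML
    def __init__(self):
        super().__init__()
        self.links, self.forms, self._form, self._select = set(), {}, None, None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.links.add(a["href"])
        elif tag == "form":
            self._form = self.forms.setdefault(a.get("action", ""), {})
        elif tag == "input" and self._form is not None and a.get("name"):
            # Hidden values are fixed by the server; other inputs are free text.
            hidden = a.get("type") == "hidden"
            self._form[a["name"]] = {a.get("value", "")} if hidden else None
        elif tag == "select" and self._form is not None and a.get("name"):
            self._select = self._form.setdefault(a["name"], set())
        elif tag == "option" and self._select is not None:
            self._select.add(a.get("value", ""))
    def handle_endtag(self, tag):
        if tag in ("form", "select"):
            setattr(self, "_" + tag, None)

def check(learned, method, target, body=""):
    """Return (status, reason); 403 for anything outside the learned flow."""
    path = urlsplit(target).path
    if method not in ("GET", "POST") or not path.startswith("/"):
        return 403, "malformed request"  # crude stand-in for HTTP conformance
    if method == "GET":
        ok = target in learned.links or target in ENTRY_POINTS
        return (200, "ok") if ok else (403, "URL is not an entry point or served link")
    fields = learned.forms.get(path)
    if fields is None:
        return 403, "form was never served"
    for name, value in parse_qsl(body, keep_blank_values=True):
        if name not in fields:
            return 403, "unexpected field " + name
        if fields[name] is not None and value not in fields[name]:
            return 403, "tampered field " + name
    return 200, "ok"

# Constructed sample page, as the protected server might return it.
PAGE = ('<a href="/orders?id=1001">My order</a><form action="/checkout" method="post">'
        '<input type="hidden" name="price" value="49.99"><input name="coupon">'
        '<select name="ship"><option value="std"><option value="express"></select></form>')
learned = FlowLearner()
learned.feed(PAGE)
```

No attack signature appears anywhere in the check: a changed hidden `price`, an extra field, or an `id` value the server never linked to is rejected only because it deviates from what was served.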


Business Benefits

- Offers instant protection without requiring changes to existing Web applications when deployed.
- Prevents intruders from manipulating web content
- Protects data inside the organization from being hacked by exploiting Web application vulnerabilities
- Secures corporate brands, trade secrets, and Intellectual Property
- Maintains customer confidence in your website’s security, especially for banks, e-commerce, and more.
- Ensures sensitive information about the environment doesn’t go out to hackers by sending customizable error messages to users.
- Easy to use with no special training required for administrators
- Low maintenance as it automatically adapts to website / web-application changes
- Promotes integrity and availability of Web applications
- Helps comply with mandatory PCI requirements

WAF subscription available on following Cyberoam UTM Appliances:

Cyberoam NG series Appliances: CR25iNG, CR25wiNG, CR25iNG-6P, CR25wiNG-6P, CR35iNG, CR35wiNG, CR50iNG, CR100iNG, CR200iNG, CR200iNG-XP, CR300iNG, CR300iNG-XP, CR2500iNG

Cyberoam ia series Appliances: CR50ia, CR100ia, CR200i, CR300i, CR500ia, CR750ia, CR1000ia, CR1500ia

Securing You
sales@cyberoam.com | www.cyberoam.com

Awards & Certifications
[Badge graphics: VPNC Certified (Basic Interop, AES Interop, SSL Portal, SSL Exchange, SSL Firefox, SSL JavaScript, SSL Basic Network Extension, SSL Advanced Network Extension); www.check-mark.com; Best Buy; PC Pro Recommended; Editor’s Choice; www.itpro.co.uk Recommends; 2008 - Emerging Vendor of the Year; Net Asia Top Tech Company 2008/2009; TechnoVisionaries; IT Leader]

Cyberoam Technologies
505 Thornall Street, Suite # 304, Edison, New Jersey 08837, USA, Tel: 201-301-2851

India
901, Silicon Tower, Behind Pariseema Building, Off. C.G. Road, Ahmedabad 380 006, INDIA, Tel: +91-79-66065606

Toll Free Numbers
USA : +1-800-686-2360 | India : 1-800-301-00013
APAC/MEA : +1-877-777-0368 | Europe : +44-808-120-3958

Registered Trademark of Cyberoam Technologies Pvt. Ltd.

